cleantalk
Vulnerabilities and Security Researches

WPeMatico RSS Feed Fetcher, CVE-2025-13031

CVE, Research URL

CVE-2025-13031

Home page URL

Security reports for WPeMatico RSS Feed Fetcher

Application

WPeMatico RSS Feed Fetcher

Published on
Dec 09, 2025
Research Description
The WPeMatico RSS Feed Fetcher WordPress plugin before 2.8.13 does not sanitize and escape some of its settings, which could allow high privilege users such as contributor to perform Stored Cross-Site Scripting attacks
Affected versions
max 2.8.13.
Status
vulnerable
Previous vulnerability researches
WPeMatico RSS Feed Fetcher (CVE-2021-24793) , Jun 07, 2024
WPeMatico RSS Feed Fetcher (CVE-2025-49922) , Nov 11, 2025
WPeMatico RSS Feed Fetcher (CVE-2025-57937) , Apr 25, 2026
WPeMatico RSS Feed Fetcher (CVE-2025-8103) , Jul 26, 2025
WPeMatico RSS Feed Fetcher (CVE-2025-13031) , Dec 11, 2025
New vulnerability
Qubely – Advanced Gutenberg Blocks (CVE-2025-58663) , Apr 25, 2026
WooCommerce Additional Fees On Checkout (Free) (CVE-2025-57903) , Apr 25, 2026
Save as PDF plugin by Pdfcrowd (CVE-2025-59552) , Apr 25, 2026
ExactMetrics – Google Analytics Dashboard for WordPress (Website Stats Plugin) (CVE-2026-5488) , Apr 25, 2026
Responsive Lightbox & Gallery (CVE-2025-5093) , Apr 25, 2026